A new study from EiQ Networks has found that nearly 90% of IT professionals expressed “concern” or “high concern” that they would face a data breach in 2015, yet only 15% of respondents said they were “well prepared” for one.
According to EiQ, these findings reflect a “lack of confidence in existing security technologies and difficulties obtaining budget and specialized talent to effectively protect information systems in an increasingly complex threat environment.”
While the report’s main finding was that IT security professionals are concerned at the prospect of facing a data breach, the report also revealed that the same professionals were not confident in their organisations’ preparations:
- Only 15% reported that they were “well prepared” for a data breach.
- Only 21% were “confident” that their security technologies could mitigate cyber security risks.
- Only 31% of respondents reported having a “solid process” in place for cyber defence.
- 60% of respondents said they had only a “partial process” for cyber security and 11% had “no process at all”.
This widespread lack of confidence clearly demonstrates that organisations are not doing enough to mitigate cyber threats – and they know it. So what’s stopping them? A lack of time? Resources? Budget? Expertise?
Are you worried about cyber threats but don’t know what to do about them?
ISO 27001, the international standard for information security management, reflects the fact that good information security is an enterprise-wide concern that addresses people as well as processes and technology. The Standard sets out the requirements of an information security management system (ISMS), a holistic approach to information security that can be implemented by all organisations. Employing an ISMS will ensure that software is kept up to date, that staff are appropriately trained to recognise and mitigate threats, and that processes are in place to handle data breaches properly.
All organisations will benefit from IT Governance’s fixed-price ISO 27001 Packaged Solutions, which provide a series of implementation resources at transparent prices to suit all budgets and levels of expertise. Whatever your constraints or your preferred project approach, we have a solution to help you protect your organisation from cyber threats.